<?
require "include/bittorrent.php";
dbconn();
loggedinorreturn();

if (!isset($CURUSER))
	error("Must be logged in to vote.");

if (!mkglobal("rating:id"))
	error("Missing form data.");

$id = 0 + $id;
if (!$id)
	error("Invalid ID.");

$rating = 0 + $rating;
if ($rating <= 0 || $rating > 5)
	error("Invalid rating.");

$res = query("SELECT owner FROM torrents WHERE id = $id");
$row = mysql_fetch_array($res);
if (!$row)
	error("No such torrent.");

$res = query("INSERT INTO ratings (torrent, user, rating, added) VALUES ($id, " . $CURUSER["id"] . ", $rating, NOW())");
if (!$res) {
	if (mysql_errno() == 1062)
		error("You have already rated this torrent.");
	else
		error(mysql_error());
}

query("UPDATE torrents SET numratings = numratings + 1, ratingsum = ratingsum + $rating WHERE id = $id");

header("Refresh: 0; url=details.php?id=$id&rated=1");
?>